Posted
by
Soulskillon Monday April 04, 2011 @06:17PM
from the investigating-at-the-speed-of-government dept.

ideaz writes "Pandora Media Inc., the largest Internet radio company, said it's been asked for information as part of a federal grand-jury probe into the way smartphone software developers handle personal data. Pandora isn't a specific target of the investigation and similar subpoenas have been issued to other publishers of apps that run on Apple's iPhone and Google's Android operating system, the company said in a securities filing today."

I disagree. I think it's:
* good news that the government may finally be taking a serious interest in protecting user data.
* bad news that the government may try to start regulating personal data or application developers because let's face it, they rarely get it right (if ever).

I stopped using their app when it wanted access to the system logs. This includes all notifications of pretty much everything going on on your phone. It might help them debug the app, it might help them with advertisers. Who knows. I just knew their app wasn't worth it.

Then they shouldn't install ANY apps whatsoever, and wrap their phones in a layer of tinfoil, move out into a cave and never leave it!

Seriously though, I don't see problems with being tracked by Google through Latitude (which I use, keep my GPS online, and share my location with my friends), or Pandora (which, I don't use). It's not like their going to stalk you and peer in your windows while you sleep...

Listen here the parent obviously did not correctly follow the intentions of both the phone manufacturer as well as the assumption of the software designer. You are supposed to throw the phone into the closest trash receptical after 3-6 months of use and purchase a new $500 phone. By ensuring that your phone is securely in a landfill you can then feel confident that you will be supported to the fullest extent by your software vendor as well as your hardware vendor. Of course both data security and software b

Yep, and that's how I found iPhones that are returned as defective to the Apple Store make it back to the public.

I exchanged a 3GS that was spontaneously rebooting and syncing slowly or not at all, even after a DFU Restore (which is why I honestly believe jailbreaking can damage your flash, especially after I had it happen to TWO jailbroken 3GS's... but that's another story.)

Anyway, I had Pandora on it. I didn't reinstall Pandora right away on my replacement phone, but when I finally did (months later) and logged into my Pandora account, my stations had been replaced with a bunch of stuff I would never listen to. So explain to me how that happened, other than someone using the phone that was supposedly returned to Apple?

I'd imagine the phone was refurbished and either sold again as such (hardly an uncommon practice) or passed off as new (again hardly uncommon, but definitely naughty). Neither of these things preclude it being returned to Apple and the refurbishment performed by them.

Anyway, I had Pandora on it. I didn't reinstall Pandora right away on my replacement phone, but when I finally did (months later) and logged into my Pandora account, my stations had been replaced with a bunch of stuff I would never listen to. So explain to me how that happened, other than someone using the phone that was supposedly returned to Apple?

UUIDs are unique per phone hardware (I think they're derived from an internal serial number embedded either in flash, the CPU, or a mixture of all sorts of entr

I uninstalled Pandora from my phone the second they wanted permissions to access my calendar. I don't care so much that they know who my contacts are, but the details of my personal appointments are much more sensitive. Still, I knew the price and was free not to pay it. It's not like Android doesn't warn you when the permissions change.

I just wish they would add a new "access to data" level that gives access to the application's private directory, and nothing else. It seems kind of silly that you have to give access to everything on the SD, or nothing.

I'm not really sure how that would help - surely untrustworthy apps (or those that legitimately need the refused permission) will simply fail, thus gaining you nothing? Either way you're not going to be using the app.

You don't, but Apple does. I'm sure it's their policy to reject an app that accesses a user's contact list or calendar (for example) which doesn't reasonably make use of.

Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

I disagree, and I live in that walled garden. I would much prefer each app ask me for the permissions it needs, every single one of them, before it has access to my data.

Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

I disagree, and I live in that walled garden. I would much prefer each app ask me for the permissions it needs, every single one of them, before it has access to my data.

If you were to re-read what I wrote, I think you'd find you don't disagree with me.

I'm mostly agreeing with you; the disagreement was with the extension of the thought (and not what you wrote directly), that being "what Apple provides is sufficient." So when I said I disagree, I actually disagreed with that, not with what you wrote. Seriously, thanks for bringing that to my attention. What I really meant, was that I would prefer more granularity than Apple currently provides in terms of giving applications access to my data.

Well, now I'm more confused. I don't know if you're still disagreeing with me or not. I did state I wanted more detailed security options, like what you said you wanted. I'm pretty sure I didn't imply I was alone in this.

The reasons they give are actually pretty good. IF you want to send your stations to a friend, it needs email and contacts. IF you want to add a concert, etc to your calendar, it needs calendar access. It uses GPS to give better targeted advertising (Metallica at the MCI center on )

And didn't uninstall it, especially when I realized I could get free, high quality music I actually enjoyed..Anywhere. Music statistically optimized by my taste by doing little more than suggesting a few bands, then saying "Sucks, skip it" or "This rocks" a few times.In the car? Internet>3G>Iphone>bluetooth>aftermarket bluetooth car deck.No wires. Touch the screen of my phone and stuff it back in my pocket and forget it while driving. Got a phone call? Music pauses, in-car stero becomes speakerp

Google has the problem of telling you all of the things an app will access, but not telling you why.

I also find that annoying at times, but realistically what can Google do? Demand to see the source code and implement a scheme to ensure that what they see is what is actually compiled in to the app? Or change the API to require a message that is displayed at permission request time, and trust the developers not to lie?